PT-2018-14046 · Teltonika · Teltonika Rut9Xx

David Gnedt

Published

2018-10-15

Updated

2019-10-03

CVE-2018-17534

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Teltonika RUT9XX routers with firmware prior to 00.04.233

Description The issue allows attackers with physical access to the device to execute arbitrary commands with root privileges due to a lack of proper access control on the root terminal provided on a serial interface.

Recommendations For Teltonika RUT9XX routers with firmware prior to 00.04.233, update the firmware to version 00.04.233 or later to address the issue.

Exploit

Fix

Improper Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-287

Related Identifiers

CVE-2018-17534

Affected Products

Teltonika Rut9Xx

PT-2018-14046 · Teltonika · Teltonika Rut9Xx

CVE-2018-17534

Weakness Enumeration

Related Identifiers

Affected Products

References · 5